CN115514732B - Source NAT IP distribution method and device based on TCP connection number - Google Patents

Source NAT IP distribution method and device based on TCP connection number Download PDF

Info

Publication number
CN115514732B
CN115514732B CN202211073161.4A CN202211073161A CN115514732B CN 115514732 B CN115514732 B CN 115514732B CN 202211073161 A CN202211073161 A CN 202211073161A CN 115514732 B CN115514732 B CN 115514732B
Authority
CN
China
Prior art keywords
nat
server
port
tcp
gateway
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211073161.4A
Other languages
Chinese (zh)
Other versions
CN115514732A (en
Inventor
赵红伟
高婷静
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Liangxun Iot Technology Co ltd
Original Assignee
Shanghai Liangxun Iot Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Liangxun Iot Technology Co ltd filed Critical Shanghai Liangxun Iot Technology Co ltd
Priority to CN202211073161.4A priority Critical patent/CN115514732B/en
Publication of CN115514732A publication Critical patent/CN115514732A/en
Application granted granted Critical
Publication of CN115514732B publication Critical patent/CN115514732B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2557Translation policies or rules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The application discloses a source NAT IP distribution method and a system based on TCP connection number, wherein the method comprises the following steps: receiving a TCP request packet sent to a server by an intranet host on a gateway, and extracting the IP and the Port of a target server from the request packet; judging whether the IP and the Port of the target server exist in an equilibrium server list of the TCP connection, if not, ending the current process; if the IP and the Port of the target server exist, the IP and the Port of the target server are sent into the NAT strategy of the gateway, if the IP of the host does not hit the NAT strategy of the gateway, the current process is ended; if the IP of the host hits the NAT strategy of the gateway, an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool is obtained, and the priority is calculated to obtain the preferred NAT IP; the IP of the request packet header of the intranet is replaced by the preferred NAT IP, and the source Port of the request packet header is randomly replaced by a Port which is not repeated with the existing session. The application can realize the load balance of the connection quantity when the NAT IP establishes the TCP with the target IP.

Description

Source NAT IP distribution method and device based on TCP connection number
Technical Field
The application belongs to the technical field of Internet of things and data communication, and particularly relates to a source NAT IP distribution method and device based on TCP connection numbers.
Background
In the existing Internet of things technology, when a large number of terminals access a server deployed on the Internet through a centralized gateway, and the server limits the maximum number of concurrent TCP connection sessions of source IPs of the server for IPs and ports monitored by the service, and meanwhile, the number of connections is unbalanced when the number of IPs in a NAT (Network Address Translation) IP pool deployed on the gateway is small, so that TCP connections are too concentrated on a certain or part of IPs, and subsequent TCP requests of the IPs are rejected by the server. The reason for this is that: 1. the gateway cannot share the session load of the IP in the NAT IP pool according to the destination IP and the Port, so that the number of TCP sessions from the NAT IP to the destination IP is unbalanced; 2. the session number of the partial NAT IP is larger than the maximum concurrent TCP connection session number limit of the source IP of the server, so that the subsequent terminal using the partial NAT IP cannot establish TCP connection with the server; 3. the NAT IP probing method in the prior art is ineffective for the above problems. Specifically: when the existing NAT IP detection method uses an ICMP protocol to detect NAT IP as a source and uses a server IP as a target, the ICMP is not limited by a server, ICMP detection is available, and an actual TCP session cannot be newly established to cause detection invalidation; when the existing NAT IP detection method uses a TCP protocol to detect NAT IP as a source and uses a server IP as a destination, the detection behavior itself needs to occupy TCP session number, and the detection process needs to establish TCP handshake, so that the duration is long, the availability state can not be perceived sensitively, and the detection reliability is low. Chinese patent CN201710958185.0 discloses a method for detecting availability of public network IP in NAT address pool, which determines whether public network IP used for NAT session connection is available by probing, thereby improving conversion efficiency of source address network conversion. However, this scheme does not involve providing a specific probing method, and NAT IP assignment cannot be performed for the number of TCP connections. Therefore, how to develop a new source NAT IP allocation method based on the number of TCP connections to overcome the above-mentioned drawbacks in the prior art is a direction that a person skilled in the art needs to study.
Disclosure of Invention
The application aims to provide a source NAT IP distribution method based on TCP connection number. The load balancing of the number of the connections can be realized when the NAT IP establishes the TCP with the target IP, and the situation that the TCP session is too concentrated on a certain NAT IP or a certain NAT IP, so that the server refuses to establish the new TCP connection is reduced.
The technical scheme adopted by the method is as follows:
a source NAT IP distribution method based on TCP connection number includes the following steps:
step 1: receiving a TCP request packet sent to a server by an intranet host on a gateway, and extracting the IP and the Port of a target server from the request packet;
step 2: judging whether the IP and the Port of the target server exist in an equilibrium server list of the TCP connection, if not, ending the current process; if yes, jumping to the step 3;
step 3: sending the IP and Port of the target server into the NAT strategy of the gateway, if the IP of the host does not hit the NAT strategy of the gateway, ending the current process; if the IP of the host hits the NAT strategy of the gateway, the step 4 is skipped;
step 4: acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating priority to acquire the preferred NAT IP;
step 5: the IP of the request packet header of the intranet is replaced by the preferred NAT IP, and the source Port of the request packet header is randomly replaced by a Port which is not repeated with the existing session.
Preferably, in the source NAT IP allocation method based on the number of TCP connections, the step 1 includes:
step 11: carrying out secondary processing on the message received by the gateway from the intranet host, screening out the message containing the TCP protocol label in the packet header and discarding other messages;
step 12: extracting the IP and Port of the target server from the message screened in the step 11;
step 13: and extracting a TCP request source IP and a Port of the intranet host.
More preferably, in the source NAT IP allocation method based on the number of TCP connections, the balanced server list in step 2 includes a server name, an IP for service interception, and a Port for service interception; the server is a device or system with the functions of monitoring IP and Port and responding to TCP requests.
Further preferably, in the source NAT IP allocation method based on the number of TCP connections, the step 4 includes:
step 41: acquiring an equilibrium server list of TCP connection;
step 42: acquiring a NAT conversion table existing in the gateway at present, wherein the NAT conversion table is a TCP session table established between the gateway and a matched server;
step 43: the method comprises the steps that the NAT conversion table of an IP and Port matching gateway in a server list is balanced through TCP connection, and the number of established TCP sessions between the NAT IP and the server is obtained;
step 44: sequencing NAT IPs to obtain ascending sequence of TCP session number established by NAT IPs and a server, and numbering records in the sequence;
step 45: and taking the NAT IP with the sequence number of 0 in the sequence as the preferred IP of the current newly-built session.
In order to realize the above distribution method, the application further discloses a source NAT IP distribution device based on TCP connection number, which has the following technical scheme:
a source NAT IP assignment apparatus based on a number of TCP connections, comprising: the system comprises a receiving module, a server list module, a sequence module and an allocation module;
the receiving module is used for accessing the gateway, receiving a TCP request packet sent to the server by the intranet host on the gateway, and extracting the IP and the Port of the target server from the request packet;
the server list module is connected with the receiving module and is used for acquiring the IP and the Port of the target server from the receiving module and judging whether the IP and the Port of the target server exist in an equilibrium server list connected with the TCP;
the sequence module is connected with the server list module and is used for acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating the priority to acquire the preferred NAT IP;
the distribution module is connected with the sequence module and is used for replacing the IP of the request packet header of the intranet with the preferred NAT IP and randomly replacing the source Port of the request packet header with a Port which is not repeated with the existing session.
Compared with the prior art, the scheme of the application can distribute the source NAT IP based on the TCP connection number, ensures the balance of the quantity of the TCP connection established by the NAT IP to the server in a given range, and can effectively reduce the probability that the TCP session is too concentrated on a single or a certain part of NAT IP to cause the server to refuse to newly establish the TCP connection.
Drawings
FIG. 1 is a system block diagram of embodiment 1;
FIG. 2 is a workflow diagram of example 1;
FIG. 3 is a schematic diagram of typical message flows involved in TCP establishment by the source NAT IP distribution method;
FIG. 4 is a diagram illustrating a sequence change during operation of a sequence module in a source NAT IP allocation method;
fig. 5 is a flowchart of the source NAT IP allocation method sequence calculation.
The names of the corresponding parts of the reference numerals are as follows:
1. a receiving module; 2. a server list module; 3. a sequence module; 4. and a distribution module.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Example 1 is shown in fig. 1:
a source NAT IP assignment apparatus based on a number of TCP connections, comprising: a receiving module 1, a server list module 2, a sequence module 3 and an allocation module 4.
The receiving module 1 is used for accessing the gateway, receiving a TCP request packet sent to the server by the intranet host on the gateway, and extracting the IP and the Port of the target server from the request packet; specifically, the main function of the method is to receive tcp.flags.sysn messages sent by an intranet host, extract destination IP and Port in the messages and send the messages to the server list module 2. The information sent to the server list module 2 also comprises a TCP request source IP and a Port of the intranet host.
The server list module 2 is used for acquiring the IP and the Port of the target server from the receiving module 1 and judging whether the IP and the Port of the target server exist in an equilibrium server list of the TCP connection; specifically: the module obtains destination IP and Port in TCP request message of host H from receiving module, matches load balancing server list in the module with the destination IP and Port, and outputs matching result to sequence module after matching is completed, wherein the matching result at least contains hit server IP and Port, and contains source IP and Port information of H. The load balancing server list is specifically an operable list containing server information selected to participate in the allocation method of the application, and at least contains server names, IP of service monitoring and Port information of service monitoring, and the content of the list supports pre-configuration.
The sequence module is connected with the server list module and is used for acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating the priority to acquire the preferred NAT IP; specifically: the module receives the TCP request information hit by the matching from the server list module, comprises hit server IP and Port, and comprises source IP and Port information of H. On the other hand, the current NAT conversion table is obtained from the gateway, wherein the conversion table specifically refers to a TCP session table established by the gateway and the server IP and Port. Further, the module ranks up the number of TCP sessions from different NAT IPs to the hit server IP, port, calculates the priority to obtain the preferred NAT IP, and the sequence module sends the preferred NAT IP to the allocation module.
The distribution module is connected with the sequence module and is used for replacing the IP of the request packet header of the intranet with the preferred NAT IP and randomly replacing the source Port of the request packet header with a Port which is not repeated with the existing session.
As shown in fig. 2-5, the working process is as follows:
a source NAT IP distribution method based on TCP connection number includes the following steps:
step 1: receiving a TCP request packet sent to a server by an intranet host on a gateway, and extracting the IP and the Port of a target server from the request packet;
specifically, step 1 includes: carrying out secondary processing on the message received by the gateway from the intranet host, screening out the message containing the TCP protocol label in the packet header and discarding other messages; extracting the IP and Port of the target server from the screened message; and extracting a TCP request source IP and a Port of the intranet host.
Step 2: judging whether the IP and the Port of the target server exist in an equilibrium server list of the TCP connection, if not, ending the current process; if yes, jumping to the step 3; the balanced server list comprises server names, IP for service monitoring and Port for service monitoring; the server is a device or system with the functions of monitoring IP and Port and responding to TCP requests.
Step 3: sending the IP and Port of the target server into the NAT strategy of the gateway, if the IP of the host does not hit the NAT strategy of the gateway, ending the current process; if the IP of the host hits the NAT strategy of the gateway, the step 4 is skipped; in this step, the NAT policy of the gateway is a part of the gateway for implementing the NAT function, which belongs to the prior art and is not described herein.
Step 4: acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating priority to acquire the preferred NAT IP; specifically, step 4 includes:
step 41: acquiring an equilibrium server list of TCP connection;
step 42: acquiring a NAT conversion table existing in the gateway at present, wherein the NAT conversion table is a TCP session table established between the gateway and a matched server;
step 43: the method comprises the steps that the NAT conversion table of an IP and Port matching gateway in a server list is balanced through TCP connection, and the number of established TCP sessions between the NAT IP and the server is obtained;
step 44: sequencing NAT IPs to obtain ascending sequence of TCP session number established by NAT IPs and a server, and numbering records in the sequence;
step 45: and taking the NAT IP with the sequence number of 0 in the sequence as the preferred IP of the current newly-built session.
Step 5: the IP of the request packet header of the intranet is replaced by the preferred NAT IP, and the source Port of the request packet header is randomly replaced by a Port which is not repeated with the existing session.
In the above process: the distribution device determines the state of the TCP connection by monitoring the subsequent receiving and transmitting messages of the receiving module, determines that the TCP connection is established when receiving a tcp.flag.ack message sent by H to the SV corresponding to the request, changes the number of established connections in the NAT conversion table of the gateway at the moment, and recalculates the sequence when the process of step 5 is carried out next time. If the gateway does not receive the tcp/flags/ackmessage sent by H to the SV corresponding to the request, or receives the tcp/flags/rst sent by either end, or continuously receives the retransmission timeout of H or SV, the connection is failed, and the process of the method is ended, and the method for judging the retransmission and timeout is the prior art and is not described in detail herein.
In the initial stage, the distribution device matches and generates a data table containing priority, NAT IP, server Port and established TCP session number according to the existing IP and Port information in the server list and the current TCP session table of the gateway, and each pair of server IP: port has a unique data table. The allocation means ranks the priorities of the table in ascending order according to the number of established TCP sessions, and when the number of sessions is the same, the priority is expressed by a non-negative integer with a decimal value of the IP address from right to left being small, and the priority is higher as the value is smaller, wherein 0 is preferable. The priority is recalculated after each TCP setup is completed.
Through the working process, the target IP: port in the TCP requests sent by the intranet hosts is evenly distributed to all NAT IPs if the server list is hit. Therefore, the equilibrium of the number of TCP connections established by the NAT IP to the server in a given range is ensured, and meanwhile, the probability that the TCP session is too concentrated on a single or a certain part of NAT IP to cause the server to refuse to establish new TCP connections can be effectively reduced.
Although embodiments of the present application have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made therein without departing from the principles and spirit of the application, the scope of which is defined in the appended claims and their equivalents.

Claims (5)

1. The source NAT IP distribution method based on the TCP connection number is characterized by comprising the following steps:
step 1: receiving a TCP request packet sent to a server by an intranet host on a gateway, and extracting the IP and the Port of a target server from the request packet;
step 2: judging whether the IP and the Port of the target server exist in an equilibrium server list of the TCP connection, if not, ending the current process; if yes, jumping to the step 3;
step 3: sending the IP and Port of the target server into the NAT strategy of the gateway, if the IP of the host does not hit the NAT strategy of the gateway, ending the current process; if the IP of the host hits the NAT strategy of the gateway, the step 4 is skipped;
step 4: acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating priority to acquire the preferred NAT IP;
step 5: the IP of the request packet header of the intranet is replaced by the preferred NAT IP, and the source Port of the request packet header is randomly replaced by a Port which is not repeated with the existing session.
2. The source NAT IP allocation method according to claim 1, wherein step 1 includes:
step 11: carrying out secondary processing on the message received by the gateway from the intranet host, screening out the message containing the TCP protocol label in the packet header and discarding other messages;
step 12: extracting the IP and Port of the target server from the message screened in the step 11;
step 13: and extracting a TCP request source IP and a Port of the intranet host.
3. The source NAT IP allocation method according to claim 1, wherein the balanced server list in step 2 includes server names, IP for service listening and Port for service listening; the server is a device or system with the functions of monitoring IP and Port and responding to TCP requests.
4. The source NAT IP allocation method according to claim 1, wherein step 4 includes:
step 41: acquiring an equilibrium server list of TCP connection;
step 42: acquiring a NAT conversion table existing in the gateway at present, wherein the NAT conversion table is a TCP session table established between the gateway and a matched server;
step 43: the method comprises the steps that the NAT conversion table of an IP and Port matching gateway in a server list is balanced through TCP connection, and the number of established TCP sessions between the NAT IP and the server is obtained;
step 44: sequencing NAT IPs to obtain ascending sequence of TCP session number established by NAT IPs and a server, and numbering records in the sequence;
step 45: and taking the NAT IP with the sequence number of 0 in the sequence as the preferred IP of the current newly-built session.
5. A source NAT IP distribution device based on the number of TCP connections, comprising: the system comprises a receiving module, a server list module, a sequence module and an allocation module;
the receiving module is used for accessing the gateway, receiving a TCP request packet sent to the server by the intranet host on the gateway, and extracting the IP and the Port of the target server from the request packet;
the server list module is connected with the receiving module and is used for acquiring the IP and the Port of the target server from the receiving module and judging whether the IP and the Port of the target server exist in an equilibrium server list connected with the TCP;
the sequence module is connected with the server list module and is used for acquiring an ascending ordered list of the number of TCP connections which are established with the hit server in the NAT IP pool, and calculating the priority to acquire the preferred NAT IP;
the distribution module is connected with the sequence module and is used for replacing the IP of the request packet header of the intranet with the preferred NAT IP and randomly replacing the source Port of the request packet header with a Port which is not repeated with the existing session.
CN202211073161.4A 2022-09-02 2022-09-02 Source NAT IP distribution method and device based on TCP connection number Active CN115514732B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211073161.4A CN115514732B (en) 2022-09-02 2022-09-02 Source NAT IP distribution method and device based on TCP connection number

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211073161.4A CN115514732B (en) 2022-09-02 2022-09-02 Source NAT IP distribution method and device based on TCP connection number

Publications (2)

Publication Number Publication Date
CN115514732A CN115514732A (en) 2022-12-23
CN115514732B true CN115514732B (en) 2023-08-25

Family

ID=84501971

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211073161.4A Active CN115514732B (en) 2022-09-02 2022-09-02 Source NAT IP distribution method and device based on TCP connection number

Country Status (1)

Country Link
CN (1) CN115514732B (en)

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6381638B1 (en) * 1999-02-24 2002-04-30 3Com Corporation System and method for options based address reuse
CN101083665A (en) * 2007-07-30 2007-12-05 杭州华三通信技术有限公司 Method and apparatus for limiting session number
CN104601738A (en) * 2014-12-09 2015-05-06 国家计算机网络与信息安全管理中心 Distributed network address translation system
CN105472025A (en) * 2015-12-28 2016-04-06 曙光信息产业(北京)有限公司 Load balancing method and device based on DNS (domain name system)
CN106878487A (en) * 2017-03-29 2017-06-20 新华三技术有限公司 Public network address distribution method and device
CN107094147A (en) * 2017-05-05 2017-08-25 中国科学院信息工程研究所 NAT recognition methods based on cookieID in a kind of extensive flow
CN107547689A (en) * 2017-09-20 2018-01-05 新华三技术有限公司 A kind of network address translation CGN method and apparatus of carrier-class
CN107682470A (en) * 2017-10-16 2018-02-09 杭州迪普科技股份有限公司 The method and device of public network IP availability in a kind of detection nat address pool
CN107995056A (en) * 2016-10-27 2018-05-04 中国移动通信集团公司 The method and device of fire wall recessiveness NAT breakdown judges
CN108848194A (en) * 2018-08-20 2018-11-20 普联技术有限公司 Session establishing method, router and conversational system between Intranet client
KR102123831B1 (en) * 2018-12-31 2020-06-17 주식회사 케이아이씨텍 Method for internal network connection in external network through keep alive trunking and apparatus thereof
CN111385363A (en) * 2020-03-17 2020-07-07 杭州圆石网络安全技术有限公司 Resource allocation method and resource allocation device
CN112202935A (en) * 2020-08-28 2021-01-08 中盈优创资讯科技有限公司 NAT address pool management method and device
CN112965824A (en) * 2021-03-31 2021-06-15 北京金山云网络技术有限公司 Message forwarding method and device, storage medium and electronic equipment
CN114070815A (en) * 2020-07-28 2022-02-18 中创为(成都)量子通信技术有限公司 Method and device for expanding NAPT support based on VPP
CN114745413A (en) * 2022-04-06 2022-07-12 苏州浪潮智能科技有限公司 Access control method and device for server, computer equipment and storage medium
CN114979065A (en) * 2022-04-12 2022-08-30 北京威努特技术有限公司 Method and device for improving source NAT address translation effectiveness

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7958199B2 (en) * 2001-11-02 2011-06-07 Oracle America, Inc. Switching systems and methods for storage management in digital networks
US7752334B2 (en) * 2002-10-15 2010-07-06 Nomadix, Inc. Intelligent network address translator and methods for network address translation
ATE353522T1 (en) * 2003-12-23 2007-02-15 Cit Alcatel METHOD FOR EXECUTING A SYMMETRIC ADDRESS CONVERSION
TWI250751B (en) * 2004-10-01 2006-03-01 Realtek Semiconductor Corp Apparatus and method for IP allocation
EP1966977B1 (en) * 2005-12-30 2016-05-04 Telecom Italia S.p.A. Method and system for secure communication between a public network and a local network
US10938777B2 (en) * 2018-10-09 2021-03-02 ColorTokens, Inc. Computer implemented system and method for snooping PCP packets
CN111131544B (en) * 2019-12-26 2023-03-24 杭州迪普科技股份有限公司 Method for realizing NAT traversal
CN111131339A (en) * 2020-04-01 2020-05-08 深圳市云盾科技有限公司 NAT equipment identification method and system based on IP identification number

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6381638B1 (en) * 1999-02-24 2002-04-30 3Com Corporation System and method for options based address reuse
CN101083665A (en) * 2007-07-30 2007-12-05 杭州华三通信技术有限公司 Method and apparatus for limiting session number
CN104601738A (en) * 2014-12-09 2015-05-06 国家计算机网络与信息安全管理中心 Distributed network address translation system
CN105472025A (en) * 2015-12-28 2016-04-06 曙光信息产业(北京)有限公司 Load balancing method and device based on DNS (domain name system)
CN107995056A (en) * 2016-10-27 2018-05-04 中国移动通信集团公司 The method and device of fire wall recessiveness NAT breakdown judges
CN106878487A (en) * 2017-03-29 2017-06-20 新华三技术有限公司 Public network address distribution method and device
CN107094147A (en) * 2017-05-05 2017-08-25 中国科学院信息工程研究所 NAT recognition methods based on cookieID in a kind of extensive flow
CN107547689A (en) * 2017-09-20 2018-01-05 新华三技术有限公司 A kind of network address translation CGN method and apparatus of carrier-class
CN107682470A (en) * 2017-10-16 2018-02-09 杭州迪普科技股份有限公司 The method and device of public network IP availability in a kind of detection nat address pool
CN108848194A (en) * 2018-08-20 2018-11-20 普联技术有限公司 Session establishing method, router and conversational system between Intranet client
KR102123831B1 (en) * 2018-12-31 2020-06-17 주식회사 케이아이씨텍 Method for internal network connection in external network through keep alive trunking and apparatus thereof
CN111385363A (en) * 2020-03-17 2020-07-07 杭州圆石网络安全技术有限公司 Resource allocation method and resource allocation device
CN114070815A (en) * 2020-07-28 2022-02-18 中创为(成都)量子通信技术有限公司 Method and device for expanding NAPT support based on VPP
CN112202935A (en) * 2020-08-28 2021-01-08 中盈优创资讯科技有限公司 NAT address pool management method and device
CN112965824A (en) * 2021-03-31 2021-06-15 北京金山云网络技术有限公司 Message forwarding method and device, storage medium and electronic equipment
CN114745413A (en) * 2022-04-06 2022-07-12 苏州浪潮智能科技有限公司 Access control method and device for server, computer equipment and storage medium
CN114979065A (en) * 2022-04-12 2022-08-30 北京威努特技术有限公司 Method and device for improving source NAT address translation effectiveness

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
负载均衡技术在防火墙系统中的应用;吴璇, 隋红建;计算机应用;23(S2);22-24 *

Also Published As

Publication number Publication date
CN115514732A (en) 2022-12-23

Similar Documents

Publication Publication Date Title
US20180254980A1 (en) System and method for real-time load balancing of network packets
US7554992B2 (en) Mobile device communications system and method
CN111431758B (en) Cloud network equipment testing method and device, storage medium and computer equipment
EP2211270A2 (en) Methods and systems for testing stateful network communications devices
EP1892887A1 (en) Communication method between communication devices and communication apparatus
CN107360247B (en) The method and the network equipment of processing business
CN106470136B (en) Platform test method and platform test system
WO2022151643A1 (en) Domain name resolution method and system
US10178015B2 (en) Methods, systems, and computer readable media for testing network equipment devices using connectionless protocols
CN113452778B (en) Session holding method, device, equipment, system and storage medium
CN114095388B (en) Method for exchanging data packet classification identifiers between RTC/RTE equipment and WiFi access point and wireless access point
CN109413018B (en) Port scanning method and device
US8443094B2 (en) Computer system comprising a communication device
CN115514732B (en) Source NAT IP distribution method and device based on TCP connection number
CN102075588A (en) Method and system for realizing network address translation (NAT) transversing and equipment
WO2023173876A1 (en) Data communication method and apparatus, device and medium
US10834179B2 (en) Load balancing
CN107104892A (en) The method and apparatus of network acceleration
CN113872949B (en) Address resolution protocol response method and related device
CN115277806A (en) Cloud desktop connection method, device and equipment
EP3407553A1 (en) Pppoe message transmission method and pppoe server
CN110601993B (en) Multi-outlet load balancing method and device
CN111447302B (en) Method and system for simulating multi-client to test DHCP (dynamic host configuration protocol) by using raw socket
CN114598675A (en) Control method, device, equipment and medium for realizing host blocking based on ARP
WO2014169590A1 (en) Data service communication method, device, and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Zhao Hongwei

Inventor after: Gao Tingjing

Inventor before: Lu Jinyi

Inventor before: Zhao Hongwei

Inventor before: Gao Tingjing

CB03 Change of inventor or designer information
GR01 Patent grant
GR01 Patent grant